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DETAILED ACTION 

1 . This action is responsive to communications: application, filed 10/29/2001 ; 
amendment filed 9/6/2006. 

2. Claims 1-25 are pending in the case. Claims 1-24 were amended. 

Response to Arguments 

3. ApplicantshaveamendedClaims1,2, 4, 5, 7, 8, 10, 11. 13, 14, 16, 17, 19 and 22 
to limit the "secure storage device" and the "secure device" to a particular species, i.e., 

a resource-constrained device. However, this new limitation does not patentably 
distinguish the claims from the cited prior art Gabber. As described in Gabber col. 18, 
line 52 to col. 19, line 32, Gabber's invention can be implemented on a variety of 
hardware and firmware configurations, including field programmable gate arrays. As 
described by Applicants specification paragraph [0102], a "Resource-constrained 
device" is a device such as field programmable devices. This clearly shows that Gabber 
teaches use of a "Resource-constrained device", as specified by applicant's invention, 
and shows that his invention is compatible which such devices. 

4. Applicant has amended claims to include: "said requesting occurring prior to 
requesting said user data from another device different from said user-controlled 
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resource-constrained device when said user data is unavailable from said user- 
controlled resource-constrained device ". However, the new limitation does not 
distinguish the invention over prior art because when the data is available from the "said 
user-controlled resource-constrained device", there is no need to request data from 
another device. Therefore, "the said requesting" must have been prior to a request from 
"another device different from said user-controlled resource-constrained device when 
said user data is unavailable". Note that it is inherent to a computer system that when 
data is not available in a device to look for data in the other devices registered as data 
resources. 

5. Applicants have also amended claims 3, 6, 9, 12, 15, 18, 21 and 24 to define 
reconstructing. However, the new limitation in claim 3 includes: "wherein original user 
data was reconfigured to generate said user data and said reconstructing generates 
said original user data". Applicant fails to identify a portion of specification that supports 
the new limitation. Fig. 51 and the description thereof, which was the only part of 
specification cited jn relation to the mentioned limitation, does not specify anything but 
reconstruction of the cookies by the server, and includes no description on generation of 
original user data . If applicant relies on general practice of reconstruction of modified or 
altered cookies as it is understood by a person skilled in art, then such new limitation 
does not distinguish the claims from the prior art. It was well-known at the time of 
invention that cookies are generated according to certain a format, and include data so 
they could be identified and recognized by the web server that generated the cookies. 
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Some web servers go as long as encrypting coolties before they are sent to the user. 
Apparently, the encrypted cookies are reconstructed (decrypted) to generate the original 
cookie. Therefore the new limitation is inherently part of operation of a web server. 

6. Applicant has also added the limitation of: "reconfiguring a bit pattern of the said 
cookie". However, whenever a cookie is reconfigured, the reconfiguration results in 
reconfiguration of the bit pattern of the cookie. Therefore, change in the bit pattern of a 
cookie, when the cookie is reconfigured, is inherently disclosed. 

Claim Rejections - 35 USC § 102 

7. The following is a quotation of the appropriate paragraphs of 35 U.S.C. 1 02 that 
form the basis for the rejections under this section made in this Office action: 

(b) the invention was patented or described in a printed publication in this or a foreign country or in public 
use or on sale in this country, more than one year prior to the date of application for patent in the United 
States. 

8. Claims 1 to 19, 21, 22 and 24 are rejected under 35 U.S.C. 102(b) as being 
anticipated by Gabber (European Patent Publication No. 855659 A1 , published July 
29, 1998). 

8.1 . As per claim 1 , Gabber is directed to a method for browsing a data 
communication network (column 6 line 1 to 19), the method comprising: 
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requesting user data (Fig. 2 and 3 and column 9 line 50 to column 10 line 15, 
also mentioned in column 12 line 45 to 48) from a resource-constrained device 
(which may be the user device itself (for example Fig. 3, item 105), or the 
peripheral proxy server (Fig. 3, item 120 and associated text). Note that the user 
device stores user data as indicated in column 12 line 31 to 35. Also note that 
per Gabber col. 18, line 52 to col. 19, line 32, Gabber's invention can be 
implemented using a field programmable gate array, which, per applicant's 
definition, is a resource -constrained device) when a network site that requires 
user data is accessed (column 14 line 9 to 16) said requesting occurring prior to 
requesting said user data from another device different from said user-controlled 
resource-constrained device when said user data is unavailable from said user- 
controlled resource-constrained device (this limitation is trivial. See response to 
arguments above); and sending said user data to a network server associated 
with said network site when said user data is received from the said user 
controlled resource-constrained device (column 14 line 9 to 16). 



8.2. As per claim 2, Gabber is directed to a method for browsing a data 
communication network (column 6 line 1 to 19), the method comprising: 

receiving, by a user-controlled resource-constrained device (the proxy server is 
secured and is user-controlled as the user controls which proxy perform data 
modification (see column 9 line 12 to 15)), a request for user data (column 13 line 
34 to 35) ; returning said user data by a user-controlled resource-constrained 
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device when said user data is found stored on said user-controlled resource- 
constrained device and when returning said user data for said request is enabled 
and when said user data comprise static user data (static data is user data that 
requires no modification since it does not reveal user identity. As per column 13 
line 35 to 41 , the user original request is fonA/arded to the server with no 
modification); reconfiguring said user data when said user data is found and 
when returning user data for said request is enabled and when said user data is 
said dynamic user data (dynamic user data is the data that must be modified to 
protect user identity. As per column 13 line 50 to column 14 line 5, user name is 
reconfigured before sending to server); and returning said configured user data 
by said user-controlled resource-constrained device (column 14 line 6 to 16). 



8.3. As per claim 3, Gabber is directed to a method for servicing data communication 
network (column 6 line 1 to 19), information units, the method comprising: 

receiving user data associated with a network site by a server (which is the 
function of a proxy or a web server, exemplified in Fig, 1 , 2, 5 and 6 item 1 lOg 
and mentioned in column 6 line 16 as server sites); determining by said server 
whether said user data comprises static user data or said data comprises 
dynamic user data (the proxy sends static user data with no change as described 
in column 13 line 38, and modifies dynamic user data as described in column 13 
line 57 to column 14 line 5) using by said server said user data when said 
determining finds said user data comprises static user data; and reconstructing 
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by said server said user data before using data when said determining finds said 
user data comprises said dynamic user data (column 8 line 15 to 50 describes 
transmission of user data, such as alias user names, passwords, email 
addresses, postal addresses, credit card numbers to a web server. The proxy 
detennines whether data is dynamic or static itself, as it modifies the dynamic 
data and uses static data with no modification) wherein original user data was 
reconfigured to generate said user data and said reconstructing generates said 
original user data (this limitation is trivial. See response to arguments above). 

8.4. Claims 4, 5, and 6 are disclosed by Gabber, as they are substantially the same 
as claims 1, 2, and 3 above, with the distinction of using Cookies to transfer user data. 
Use of Cookies is disclosed by Gabber in column 18 line 1 to 23. 

8.5. Claims 7 to 12 are disclosed by Gabber, as they are substantially the same as 
claims 1 to 6 above, with the distinction of disclosing a program storage device readable 
by a machine, embodying a program of instructions executable by the machine to 
perform the method of browsing, which is disclosed in column 19. 

8.6. Claims 13 to 18 are disclosed by Gabber, as they are substantially the same as 
claims 1 to 6 above, with the distinction of disclosing an apparatus to perform the 
browsing, which is disclosed in column 19. 
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8.7. Claim 19 is disclosed by Gabber, as it is substantially the same as claim 13 
above, with the distinction of disclosing a network browser as means for requesting and 
sending user data, which is disclosed by Fig. 6 item 300 and column 18. 

8.8. Claim 21 is disclosed by Gabber, as it is substantially the same as claim 15 
above, with the distinction of disclosing a network server as means for receiving and 
using user data, which is disclosed by Fig. 6 item 1 lOg. 

8.9. Claim 22 is disclosed by Gabber, as it is substantially the same as claim 19 
above, with the distinction of disclosing a cookie as means for requesting and sending 
user data. Use of Cookies is disclosed by Gabber in column 18 line 1 to 23. 

8.10. Claim 24 is disclosed by Gabber, as it is substantially the same as claim 21 
above, with the distinction of disclosing a cookie as means for receiving and using user 
data. Use of Cookies is disclosed by Gabber in column 18 line 1 to 23. 

Claim Rejections - 35 USC § 103 
9. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth In section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the Invention was made. 
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10. Claims 20, 23 and 25 are rejected under 35 U.S.C. 103(a) as being unpatentable 
over Gabber as applied to claim 16 above, and further in view of Palthenghe (U.S. 
Patent Application Publication No. 2001/0011250 A1, published 8/2/2001). 



10.1 As per claim 20, Gabber is directed to the Apparatus of claim 16. Gabber 
specifies an apparatus for browsing a data communications network, but it does not 
include the specific use of a smart card configured to receive a request for user data, 
and returning the data when it is found. Palthenghe teaches a the benefits of using 
smart cards to store key elements of user data or certificates that helps identify 
an authorized user of the application (paragraph [0076]) 

Gabber and Paltenghe are analogous art because they both specify a method 
providing user data ubiquitously and nomadically while protecting user privacy in data 
networks. 

At the time of invention, it would have been obvious to a skilled person in the art to 
incorporate smart cards as disclosed by Paltenghe in the network browsing apparatus 
of Gabber, as a secure means to store and retrieve user data. 
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The motivation to do so would have been to take advantage of smart cards as a 
portable device, which can securely store and upload users' sensitive and private data 
to the application used by the user at users' discretion. 

10.2. Claim 23 is disclosed by Gabber and Paltenghe, as it is substantially the same as 
claim 20 above, with the distinction of disclosing a cookie as means for receiving and 
using user data. Use of Cookies is disclosed by Gabber in column 18 line 1 to 23. 

10.3 As per claim 25, Gabber is directed to an apparatus for enhanced privacy 
protection in identification in a data communications network (column 7 line 1 to 28). 
Gabber specifically mentions the use of a pseudo random generator (column 1 1 line 20 
to 25) to create a network ID for the user to substitute users real ID in network 
transactions. Gabber does not specifically mention the use of smart cards to store 
randomized ID, but Paltenghe discloses the use of smart cards in conjunction with the 
apparatus disclosed by Gabber (see response to claim 20 above). Therefore, the 
feature is disclosed by Gabber, and further in view of Paltenghe. 

Conclusion 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Farid Homayounmehr whose telephone number is 571 



Application/Control Number: 10/014,934 



Page 1 1 



Art Unit: 2132 

272 3739. The examiner can normally be reached on 9 hrs Mon-Fri, off Monday 
biweekly. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Gilberto Barron can be reached on (571) 272-3799. The fax phone number 
for the organization where this application or proceeding is assigned is 571-273-8300. 
Information regarding the status of an application may be obtained from the Patent 
Application Information Retrieval (PAIR) system. Status information for published 
applications may be obtained from either Private PAIR or Public PAIR. Status 
information for unpublished applications is available through Private PAIR only. For 
more information about the PAIR system, see http://pair-direct.uspto.gov. Should you 
have questions on access to the Private PAIR system, contact the Electronic Business 
Center (EBC) at 866-217-9197 (toll-free). 
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